Recommendations to Navigate the Complexities of Cybersecurity Insurance

By Steve Cobb, CISO, One Source

As ransomware and other attacks continue to rise with the emergence of new threats and global conflicts, insurance rates for cyberattacks are rising and policies are adding new requirements as businesses seek to protect their bottom lines against potentially devastating cyber incidents.

The cost of cybersecurity insurance continues to rise exponentially  in response to existing and emerging threats. According to a report from Fitch Ratings, cyber insurance has become the fastest growing segment for U.S. property/casualty insurers, with standalone coverage increasing more than 92 percent in 2021. With the rise of ransomware-as-a-service, new forms of malware, and attacks stemming from the Russia-Ukraine conflict, companies seeking new policies or facing renewals may be caught off guard by significant increases in premiums in the months and years ahead. Additionally, insurance providers continue to add new requirements and stipulations to policies as they seek safeguards and assurances in the face of increasing attacks.

Because of this, One Source is recommending that businesses take the following steps when seeking or renewing their cybersecurity insurance policies:

  • Measure against risk: Companies should identify which areas of their businesses are at the greatest risk for attack, as well as how attacks may be carried out. A manufacturer, for example, may have valuable intellectual property that could be extorted in a ransomware attack, while a bank could potentially have sensitive customer data exposed in a data breach. Assess vulnerabilities to the business and work with providers to size coverage accordingly.
  • Take important steps before applying: Many insurance premiums have requirements for cybersecurity measures companies must have in place – including establishing multi-factor authentication for IT equipment and installing prevention tools in critical systems – as well as preferred lists of cybersecurity vendors. It’s important for companies to work with their managed security providers to understand which measures to implement to lower the cost of their premiums.
  • Find a trusted advisor: Like any type of business insurance, choosing the right cyber policy can be a daunting process with significant complexity. Whether renewing their current policy or seeking a new one, companies should work with a trusted advisor to help understand which aspects of the business need to be covered and identify potentially hidden opportunities to save.

It's not a matter of IF but WHEN

If businesses don’t feel comfortable about their cybersecurity strategy or know where to start, there are resources available to help. Finding a reputable partner to help manage and monitor your cybersecurity protection is a great option if you don’t have the internal skill set, bandwidth, resources, or knowledge to do so.

To help support businesses during this time, we are offering a no-cost threat assessment of your company’s environment.

Our team of highly skilled security experts leverages best-in-class technology to conduct Threat Assessments that evaluate your organization’s cybersecurity policies, vulnerabilities, and protective measures. We provide consultative analysis, including actionable remediation plans, to help you establish a secure infrastructure and appropriate defense systems – all free of charge.

Share this blog:   

Latest blogs

Sign up

Join our mailing list to get updates on our blogs.